-
Notifications
You must be signed in to change notification settings - Fork 1.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
CLI always defaults to unecrypted json #5194
Comments
Issue bitwarden#5194: bitwarden#5194 The cli previously would take any value for the export format and default to unencrypted json if it wasn't a supported format. This behavior is a little dangerous because if for instance typed "json_encrypted" instead of "encrypted_json" and naively saved the file you might be surprised to learn the payload was not actually encrypted even though the command completed successfully. This change adds a guard clause when converting the string value passed in via `--format` into the type `ExportFormat` to ensure that the format provided is one of the supported types.
Hi there, Thank you for your report! I was able to reproduce this issue, and I have flagged this to our engineering team. We have also noted the PR you have submitted. If you wish to add any further information/screenshots/recordings etc., please feel free to do so at any time - our engineering team will be happy to review these. Thanks once again! |
No worries at all. Please feel free to reach out if you need any more information or have any alterations you'd like me to make to the PR. |
* Fail on unsupported export format Issue #5194: #5194 The cli previously would take any value for the export format and default to unencrypted json if it wasn't a supported format. This behavior is a little dangerous because if for instance typed "json_encrypted" instead of "encrypted_json" and naively saved the file you might be surprised to learn the payload was not actually encrypted even though the command completed successfully. This change adds a guard clause when converting the string value passed in via `--format` into the type `ExportFormat` to ensure that the format provided is one of the supported types. * Move isSupportedExportFormat to private method
Steps To Reproduce
bw export --output /tmp/test --format asdfasgas; cat /tmp/test
Expected Result
I expect the CLI to return an error saying that the format is invalid. Always defaulting to an unencrypted json blob seems like it could have some consequences. For example, this came up when I put in
--format json_encrypted
rather than--format encrypted_json
. I was surprised when I opened the json blob to see my data unecrypted.Actual Result
CLI always defaults to raw unecrypted json even if the format provided is giberish.
Screenshots or Videos
No response
Additional Context
No response
Operating System
macOS
Operating System Version
No response
Shell
Zsh
Build Version
2023.3.0
Issue Tracking Info
The text was updated successfully, but these errors were encountered: